Application Servers

Total Page:16

File Type:pdf, Size:1020Kb

Application Servers Understanding Application Servers Author: Ajay Srivastava & Anant Bhargava TCS, Jan’03 Background Application servers, whatever their function, occupies a large chunk of computing territory between database servers and the end user. This paper will provide an overview of application server and their role in n-tier applications. Intended Audience The paper is intended for anyone interested in knowing application server architecture and it’s role in web applications. The readers of this paper are not require to have an in -depth knowledge of web applications and related technologies but they are require to have an overview of n -tire web application architecture. History of Application Server In the early days of application servers, it was realised that applications (the programs people were using to get work done) themselves, were becoming bigger and more complex -- both to write and to maintain. At the same time, pressure was increasing for applications to share more of their data and sometimes functionality with other applications. More applications were either located on a network or used networks extensively. It seemed logical to have some kind of program residing on the network that would help share application capabilities in an organised and efficient way -- making it easier to write, manage, and maintain the applications. The end result of this thinking was what is now called an application server. However, these servers first appeared in client/server computing and on LANs. At first, they were often associated with "tiered" applications, when people described the functionality of applications as two-tiered (database and client program), three-tiered (database, client program, and application server), or n-tiered (all the above plus whatever). This wa s (and still is) a complex model of application development, and it resisted wide-scale implementation. The Word Application Server Means Before going further, it will be useful to explore the world of the Application Server and to know the answers of some of the most frequently asked questions like: What is an Application server? An Application server is a server program that resides in the server (computer) and provides the business logic for the application programme. The server can be a part of the network, more precisely the part of the distributed network. The server program is a program that provides its services to the client program that resides either in the same computer or on another computer connected through the network. Where exactly the a pplication server fits in? Application servers are mainly used in web based applications that have 3-Tier architecture. 1st Tier: Front end - Browser (thin client), a GUI interface lying at the client/workstation. 2nd Tier : Middle tier - Application Server - set of application program. 3rd Tier: Back end - Database Server. The application server is a second / middle Tier of the 3- tier Architecture. Please refer the diagram below: Web Application Servers (Tier 2) JAVA Ø IBM Websphere Ø Netscape App Server Ø Oracle Web App Server Ø Weblogic Ø Sun NetDynamics ActiveX Ø Microsoft ASP Ø Lotus Domino Client's Browser (Tier1) C/C++ Ø Web Objects Database (Tier3) How Information flows via applicatio n server? The Application server syncs / combines with the web server for processing the request made by the client. If we look at the request-response flow between client, web server and application server then we come to know that the client's request first goes to the web server, which sends the required information to the application server. The application server then sends back the response to the web server after taking an appropriate action. The web server further sends the processed information back to the client. Web server use different approaches or technology for forwarding or receiving back processed information. Some of the most common approaches are CGI (Common Gateway Interface), ASP (Active Server Pages), JSP(Java Server pages), Java Servlets, Java Script etc. What Application Server do First and foremost, application servers connect database information (usually coming from a database server) and the end-user or client program (often running in a Web browser). There are many reasons for having an intermediate player in this connection: · a desire to decrease the size and complexity of client programs · the need to cache and control the data flow for better performance · a requirement to provide security for both data and user traffic. Application servers have different roles, but not every implementation requires the same functionality. Someone might want an application server that simply helps organise their applications for the Web, give them better control over the business logic they contain, and make it easier to monitor and secure the data. They don't need thousands of servers. Other companies, especially big ones, do need to manage thousands of servers. For them, the scalability of an application server is crucial. So some application servers feature scalability, others feature other things, and some try to do everything. What's most important: security, scalability, business logic management, or database connectivity? Features of Application Servers Component Management: Provides the manager for handling all the components and run time services like session management, synchronous/asynchronous client notifications and executes server business logic. Fault Tolerance: Ability of the Application server with no single point of failure, defining policies for recovery and fail-over recovery in case of failure of one object or group of objects. Load Balancing: Ability to send the request to the different servers depending upon the load and availability of the server. Transaction Management Management Console:Single point graphical management console for remotely monitoring clients and server clusters Security:Security features for applications security Types of Application Servers Application servers are categorised mainly in 3 types: Web Information Servers This type of server employs HTML templates and scripts to generate pages incorporating values from the database in them. These types of servers are stateless servers. Some of these types of servers are Netscape Server, HAHT, Allaire, Sybase, SilverStream etc. Component Servers The main purpose of these servers is to provide database access and transaction-processing services to software components including DLL's, CORBA, and Java Bean. Firstly, they provide environment for server-side components. Secondly, they provide access to database and other services to the component. These types of servers are stateless servers. Some of these servers are MTS (provides interface for DLL), Sybase Jaguar, IBM Component broker. Active Application Server This type of server supports and provides a rich environment for server-side logic expressed as objects, rules and components. These types of servers are stateful servers and best suitable for dealing with e-Commerce environments. NOTE: Stateful servers are those servers which play the role of transaction co-ordinator and manage the data state, while Stateless servers doesn't do these things completely on their own, but have to rely on database or transaction monitors for the completion of the transaction. Selection of Application Server Choosing the correct application server to run the J2EE application can play an integral part in the application's success. To decide about an Application Server, the project requirements should first be nailed down. The decision you make will play a role in many aspects of the application, not the least of which is the budget. Different application servers are targeted for different types of applications. The irstf step should be to identify and prioritise the needs of the particular environment. The criteria might include: · Performance · Cost · Development · Support · Compliance · Administration · Scalability/Reliability After you've prioritised, you can begin looking for the application server that best meets the needs. If you run in a large -scale environment (Intranet or Internet) and expect to have lots of traffic to the site, performance should be at the top of the list. Not all app servers perform alike. In fact, a wide range of issues can contribute to how well (or how poorly) the server performs under load. Some of the answers are easy to find, while others might take some investigation or evaluation of the app server by using a similar application and taking some performance metrics. Here is some performance factors to consider: · Use of connection pooling and the types of drivers provided for JDBC support · Use of caching features, and how configurable the cache is · Support of Web servers for request-handling performance · If you plan on using CMP, how is it implemented for the EJB support? If performance isn't at the top of the list, it is still important to understand some of the issues surrounding app-server performance. Sooner or later you'll need it. Cost Cost is usually another factor that will play a role in the decision. Make sure the server you are considering is affordable. When evaluating costs look at: · Pricing structure · Support and maintenance costs · Hardware requirements · Development licenses Development and support Development and Support are two factors that can make or break a project, depending on how experienced the development team is. There are few questions, which you should ask yourself: · Is training available if my team needs it? · How quick is the support turnaround? · What IDEs are integrated with the app server? · What platforms are supported, and can development take place on multiple platforms? · Is runtime server debugging supported or possible? If you have a development team working on the project, make sure the application server supports the creation of multiple application spaces. Nothing will slow a team down more than if they're stepping all over each other while trying to debug and deploy an application. As far as compliance goes, make sure to determine ahead of time what version of specifications the project will be using. Then check to make sure that the app server supports those versions.
Recommended publications
  • Creating Dynamic Web-Based Reporting Dana Rafiee, Destiny Corporation, Wethersfield, CT
    Creating Dynamic Web-based Reporting Dana Rafiee, Destiny Corporation, Wethersfield, CT ABSTRACT OVERVIEW OF SAS/INTRNET SOFTWARE In this hands on workshop, we'll demonstrate and discuss how to take a standard or adhoc report and turn it into a web based First, it is important to understand SAS/INTRNET software and its report that is available on demand in your organization. In the use. workshop, attendees will modify an existing report and display the results in various web based formats, including HTML, PDF Three components are required for the SAS/INTRNET software and RTF. to work. INTRODUCTION 1) Web Server Software – such as Microsoft’s Personal To do this, we’ll use Dreamweaver software as a GUI tool to Web Server/Internet Information Services, or the create HTML web pages. We’ll use SAS/Intrnet software as a Apache Web Server. back end tool to execute SAS programs with parameters selected on the HTML screen presented to the user. 2) Web Browser – Such as Microsoft’s Internet Explorer or Netscape’s Navigator. Our goal is to create the following screen for user input. 3) SAS/INTRNET Software – Called the Application Dispatcher. It is composed of 2 pieces. o SAS Application Server – A SAS program on a Server licensed with the SAS/INTRNET Module. o Application Broker – A Common Gateway Interface (CGI) program that resides on the web server and communicates between the Browser and the Application Server. These components can all reside on the same system, or on different systems. Types of Services 1) Socket Service: is constantly running, waiting for incoming Transactions.
    [Show full text]
  • Modern Web Application Frameworks
    MASARYKOVA UNIVERZITA FAKULTA INFORMATIKY Û¡¢£¤¥¦§¨ª«¬­Æ°±²³´µ·¸¹º»¼½¾¿Ý Modern Web Application Frameworks MASTER’S THESIS Bc. Jan Pater Brno, autumn 2015 Declaration Hereby I declare, that this paper is my original authorial work, which I have worked out by my own. All sources, references and literature used or ex- cerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Bc. Jan Pater Advisor: doc. RNDr. Petr Sojka, Ph.D. i Abstract The aim of this paper was the analysis of major web application frameworks and the design and implementation of applications for website content ma- nagement of Laboratory of Multimedia Electronic Applications and Film festival organized by Faculty of Informatics. The paper introduces readers into web application development problematic and focuses on characte- ristics and specifics of ten selected modern web application frameworks, which were described and compared on the basis of relevant criteria. Practi- cal part of the paper includes the selection of a suitable framework for im- plementation of both applications and describes their design, development process and deployment within the laboratory. ii Keywords Web application, Framework, PHP,Java, Ruby, Python, Laravel, Nette, Phal- con, Rails, Padrino, Django, Flask, Grails, Vaadin, Play, LEMMA, Film fes- tival iii Acknowledgement I would like to show my gratitude to my supervisor doc. RNDr. Petr So- jka, Ph.D. for his advice and comments on this thesis as well as to RNDr. Lukáš Hejtmánek, Ph.D. for his assistance with application deployment and server setup. Many thanks also go to OndˇrejTom for his valuable help and advice during application development.
    [Show full text]
  • Attacking AJAX Web Applications Vulns 2.0 for Web 2.0
    Attacking AJAX Web Applications Vulns 2.0 for Web 2.0 Alex Stamos Zane Lackey [email protected] [email protected] Blackhat Japan October 5, 2006 Information Security Partners, LLC iSECPartners.com Information Security Partners, LLC www.isecpartners.com Agenda • Introduction – Who are we? – Why care about AJAX? • How does AJAX change Web Attacks? • AJAX Background and Technologies • Attacks Against AJAX – Discovery and Method Manipulation – XSS – Cross-Site Request Forgery • Security of Popular Frameworks – Microsoft ATLAS – Google GWT –Java DWR • Q&A 2 Information Security Partners, LLC www.isecpartners.com Introduction • Who are we? – Consultants for iSEC Partners – Application security consultants and researchers – Based in San Francisco • Why listen to this talk? – New technologies are making web app security much more complicated • This is obvious to anybody who reads the paper – MySpace – Yahoo – Worming of XSS – Our Goals for what you should walk away with: • Basic understanding of AJAX and different AJAX technologies • Knowledge of how AJAX changes web attacks • In-depth knowledge on XSS and XSRF in AJAX • An opinion on whether you can trust your AJAX framework to “take care of security” 3 Information Security Partners, LLC www.isecpartners.com Shameless Plug Slide • Special Thanks to: – Scott Stender, Jesse Burns, and Brad Hill of iSEC Partners – Amit Klein and Jeremiah Grossman for doing great work in this area – Rich Cannings at Google • Books by iSECer Himanshu Dwivedi – Securing Storage – Hackers’ Challenge 3 • We are
    [Show full text]
  • Security Guide Release 21.0.2 F10645-01
    1[Oracle®] AutoVue Client/Server Deployment Security Guide Release 21.0.2 F10645-01 October 2018 Oracle® AutoVue Client/Server Deployment Security Guide Release 21.0.2 F10645-01 Copyright © 1999, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]
  • Oracle Communications Converged Application Server Datasheet
    ORACLE DATA SHEET Oracle Communications Converged Application Server Oracle Communications Converged Application Server is the industry’s most widely used, fastest and most powerful converged Java EE-SIP-IMS application server, delivering a carrier-grade, open, standards-based development and deployment platform for next-generation and enterprise communications applications. As the foundation for several Oracle service delivery products, it is proven to dramatically lower the cost and time of developing and deploying converged Web-telecom applications for communication service providers, enterprises, and contact centers. KEY FEATURES Migration to Communications Application Platforms • Converged Web-telecom application container based on SIP Servlet, IMS, With the explosive proliferation of IP devices such as smartphones, tablets, TVs, home Java EE, Diameter, JSR 309 Media appliances, gaming consoles, and cars, communications service providers (CSP) and Server Control and Web Services enterprises are faced with the operational and business challenges of delivering • SIP Servlet 2.0 built on Java EE 7 innovative services with maximum profitability. In order to achieve this goal, they are includes efficient optimal POJO and CDI interfaces, concurrent session migrating away from expensive, closed, proprietary, application-specific legacy management, web sockets, and platforms, towards virtualized converged communications application platforms. This standard JSON, XML, JAX, JMS dramatically lowers the time and cost of adding new features and extensions to existing interfaces IP-based communication services. It enables CSPs and enterprises to develop and • Virtual Network Function (VNF) deploy applications on a single, unified platform, and re-use those applications across compliance to Network Function Virtualization multiple networks, including the Web, mobile, virtualized, broadband or fixed networks.
    [Show full text]
  • Dynamic Web Acceleration What Is It, Who Needs It, How It Works
    WHITE PAPER Dynamic Web Acceleration What is it, who needs it, how it works TABLE OF CONTENTS Executive Summary ........................................................................................................ 1 The Problem: Inherent Internet Issues ............................................................................. 2 What Causes the Problem? ............................................................................................ 2 The Solution: Dynamic Web Acceleration ....................................................................... 3 Who Can Benefit from Dynamic Web Acceleration ........................................................ 4 The CDNetworks Approach............................................................................................ 4 Case Study: Streamlining the Retail Supply Chain with Dynamic Web Acceleration ........ 5 Conclusion: A Simple Solution for Enhanced eCommerce, Greater Application Adoption, and Lower Costs ............................................................................................................ 6 Appendix: Key Features of CDNetworks’ Dynamic Web Acceleration Solution ............... 7 About CDNetworks ........................................................................................................ 8 Executive Summary Dynamic web acceleration is a service offered by Content Delivery Networks (CDNs) that enables organizations to quickly and reliably deliver applications and dynamic content from a centralized infrastructure to users around the world.
    [Show full text]
  • Session 1 – Main Theme Introduction to Application Servers
    Application Servers Session 1 – Main Theme Introduction to Application Servers Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical Sciences 1 Agenda 11 IntroductionIntroduction 22 ApplicationApplication ServersServers KeyKey ConceptsConcepts 33 PatternsPatterns andand ApplicationApplication ServersServers 44 ApplicationApplication ServerServer SupportingSupporting TechnologyTechnology 55 ExpectedExpected ApplicationApplication ServerServer FeaturesFeatures 66 RelatedRelated LifecycleLifecycle andand AdoptionAdoption ProcessesProcesses 77 ConclusionConclusion 2 Icons / Metaphors Information Common Realization Knowledge/Competency Pattern Governance Alignment Solution Approach 33 Who am I? - Profile - ¾ 26 years of experience in the Information Technology Industry, including twelve years of experience working for leading IT consulting firms such as Computer Sciences Corporation ¾ PhD in Computer Science from University of Colorado at Boulder ¾ Past CEO and CTO ¾ Held senior management and technical leadership roles in many large IT Strategy and Modernization projects for fortune 500 corporations in the insurance, banking, investment banking, pharmaceutical, retail, and information management industries ¾ Contributed to several high-profile ARPA and NSF research projects ¾ Played an active role as a member of the OMG, ODMG, and X3H2 standards committees and as a Professor of Computer Science at Columbia initially and New York University since 1997 ¾ Proven record of delivering business
    [Show full text]
  • AJAX: Coming to an Application Near
    Introduction to AJAX Bringing Interactivity & Intuitiveness Into Web Applications By : Bhanwar Gupta SD-Team-Member Jsoft Solutions Applications today • You have two basic choices: Desktop applications and Web applications DesktopDesktop applicationsapplications It usually come on a CD and install completely on your computer. The code that runs these applications resides on your desktop. It is usually pretty fast, has great user interfaces and is incredibly dynamic. WebWeb applicationsapplications It runs on a Web server and you access the application with your Web browser It provides services you could never get on your desktop (think about Amazon.com and eBay). waiting for a server to respond, waiting for a screen to refresh, waiting for a request to come back and generate a new page. ☺☺ AjaxAjax attemptsattempts toto bridgebridge thethe gapgap betwbetweeneen thethe functionalityfunctionality andand interactivityinteractivity What is AJAX ? • A Web development technique for creating interactive web applications IntensionIntension Shift a great deal of interaction to the Web surfer's computer Used to retrieve data and update selected parts of the page without refreshing the entire page Example: Google Suggest, Google Maps ☺☺ IncreaseIncrease thethe WebWeb page'spage's interactivity,interactivity, speespeed,d, andand usability;usability; betterbetter useruser experienceexperience The “birth” of Ajax 3/31/05: Google Pioneers Use of Old Microsoft Tools in New Web Programs “Ajax” “a big step toward the Holy Grail of having the kinds
    [Show full text]
  • C Server Pages: an Architecture for Dynamic Web Content Generation
    C Server Pages: An Architecture for Dynamic Web Content Generation John Millaway Phillip Conrad Dept. of Computer and Information Sciences Dept. of Computer and Information Sciences Temple University Temple University 1805 N. Broad St. 1805 N. Broad St. Philadelphia, PA 19122 Philadelphia, PA 19122 [email protected] [email protected] ABSTRACT curs heavyweight process creation overhead. Approaches that in- This paper introduces C Server Pages (CSP), a highly efficient ar- volve simple template substitution by the web server itself based on chitecture for the creation and implementation of dynamic web so called server-side includes (SSIs) are lightweight, but not very pages. The CSP scripting language allows dynamic web contents to powerful. Application servers such as ColdFusion [3] introduce a be expressed using a combination of C code and HTML. A novel heavyweight run time layer. Interpreted languages such as Java, feature of CSP is that the C portions of the CSP source file are PHP, and Perl are typically slower than compiled languages such compiled into dynamic load libraries that become part of the run- as C. New languages specifically designed for the generation of ning web server, thus avoiding both the overhead of interpreted lan- server side content present an additional learning curve for already guages such as Perl, Java and PHP, as well as the need to create a overburdened developers [8]. separate process. We present an overview of the architecture and This paper introduces an alternative architecture called C Server implementation, and provide results of performance benchmarks Pages (CSP), based on combining languages familiar to many de- showing that CSP outperforms similar mainstream technologies, velopers: HTML, and C.
    [Show full text]
  • Oracle Application Server Containers for J2EE Servlet Developer's Guide
    Oracle® Application Server Containers for J2EE Servlet Developer’s Guide 10g Release 2 (10.1.2) B14017-02 July 2005 Oracle Application Server Containers for J2EE Servlet Developer’s Guide, 10g Release 2 (10.1.2) B14017-02 Copyright © 2002, 2005, Oracle. All rights reserved. Primary Author: Brian Wright Contributing Author: Tim Smith Contributors: Bryan Atsatt, Ashok Banerjee, Bill Bishop, Olivier Caudron, Cania Chung, Olaf Heimburger, Gerald Ingalls, James Kirsch, Sunil Kunisetty, Philippe Le Mouel, David Leibs, Sastry Malladi, Jasen Minton, Debu Panda, Lenny Phan, Shiva Prasad, Paolo Ramasso, Charlie Shapiro, JJ Snyder, Joyce Yang, Serge Zloto, Sheryl Maring, Ellen Siegal The Programs (which include both the software and documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government, the following notice is applicable: U.S.
    [Show full text]
  • IBM Integrated Web Application Server for I
    Agenda Key: 45CF Session Number: 540194 Integrated Web Application Server for i - Removing Excuses Tim Rowe Web Integration for i T/L [email protected] 8 Copyright IBM Corporation, 2009. All Rights Reserved. This publication may refer to products that are not currently available in your country. IBM makes no commitment to make available any products referred to herein. IBM integrated Web application server for i the ‘on-ramp’ to the Web © 2009 IBM Corporation Agenda – Integrated Web Application Server • Introduction – What is ‘it’ – Why did we add this – Why not just use WebSphere Application Server? • How do I create one – Simply of course • Application deployment – What is supported – What is not supported – How do I get my app deployed • Database – What is supported – How do I use the support © 2009 IBM Corporation Introduction • IBM integrated Web application server for i – Goals • IBM i functional enhancement • The Web container is integrated into the operating system • Easy to use • Simplified access, deployment and management • Small, Less resources • Positioned as ‘on-ramp’ to the Web • Replacement for AFS Tomcat © 2009 IBM Corporation Introduction • Integrated Web application server – What is it? • Web container • Based on the OSGI framework • Supports application packaged in a WAR • Runs IBM Technology for Java (32 –bit) • Supports Java Toolbox and Native DB drivers • Web container for ‘simple’ applications © 2009 IBM Corporation Why is this important to the IBM i? • It runs on our smallest boxes • Simple to use • Easy to install
    [Show full text]
  • Oracle® User Productivity Kit In-Application Support
    ORACLE® USER PRODUCTIVITY KIT IN-APPLICATION SUPPORT RELEASE 11.0 PART NO. E23914-01 JULY 2011 COPYRIGHT & TRADEMARKS Copyright © 1998, 2011, Oracle and/or its affiliates. All rights reserved. Part No. E23914-01 Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this software or related documentation is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are “commercial computer software” or “commercial technical data” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007).
    [Show full text]